3 matches found
CVE-2015-3359
Summary: CVE-2015-3359 concerns multiple XSS vulnerabilities in the Drupal Room Reservations module (7.x-1.x) prior to 7.x-1.1. Affected component: Room Reservations module for Drupal 7.x. Root cause: module fails to sufficiently sanitize input in the node title of Room Reservations Category and ...
CVE-2015-3359
Multiple cross-site scripting XSS vulnerabilities in the Room Reservations module before 7.x-1.1 for Drupal allow remote authenticated users with the "Administer the room reservations system" permission to inject arbitrary web script or HTML via the 1 node title of a "Room Reservations Category" ...
SA-CONTRIB-2015-017 - Room Reservations - Cross Site Scripting (XSS)
Room Reservations module enables you to manage a room reservation system. The module doesn't sufficiently sanitize the node title of "Room Reservations Category" nodes and the body of "Room Reservations Room" nodes, thereby leading to a Cross Site Scripting XSS vulnerability. This vulnerability i...